# Maintainer : Christian Rebischke <Chris.Rebischke@archlinux.org>
# Contributor: dkorzhevin <dkorzhevin at gmail dot com>
# Contributor: Thermi <noel [at] familie-kuntze dot de>
# Contributor: nikicat <develniks at gmail dot com>
# Contributor: danilo <gezuru at gmail dot com>
# Contributor: Jason Begley <jayray at digitalgoat dot com>
# Contributor: Ray Kohler <ataraxia937 at gmail dot com>
# Contributor: Daniel Riedemann <daniel.riedemann [at] googlemail [dot] com>
# Contributor: 458italia <svenskaparadox [at] gmail dot com>
# Contributor: Thermi <noel [at] familie-kuntze dot com>

pkgname=strongswan
pkgver=5.9.12
pkgrel=1
pkgdesc='Open source IPsec implementation'
url='https://www.strongswan.org'
license=('GPL2')
arch=('loong64' 'x86_64')
makedepends=('libnm' 'systemd' 'python' 'ruby' 'mariadb' 'python-setuptools')
depends=('curl' 'gmp' 'iproute2' 'openssl' 'sqlite' 'libcap' 'systemd-libs' 'pam')
optdepends=('libnm: for networkmanager support'
  'mariadb: MySQL support'
  'ruby: Ruby support'
  'python: Python support'
  'resolvconf: Resolveplugin'
  'openldap: LDAP support')
# TODO: move to package() and use find
backup=(
  etc/ipsec.conf
  etc/ipsec.secrets
  etc/swanctl/swanctl.conf
  etc/strongswan.conf
  etc/strongswan.d/{charon-logging.conf,charon.conf,pki.conf,pool.conf,scepclient.conf,starter.conf,swanctl.conf}
  etc/strongswan.d/charon/{aesni.conf,attr-sql.conf,attr.conf,bliss.conf,chapoly.conf,cmac.conf,connmark.conf,constraints.conf,curl.conf,des.conf,dhcp.conf,dnskey.conf,eap-aka-3gpp2.conf,eap-aka.conf,eap-gtc.conf,eap-identity.conf,eap-md5.conf,eap-mschapv2.conf,eap-radius.conf,eap-sim-file.conf,eap-sim.conf,eap-simaka-pseudonym.conf,eap-simaka-reauth.conf,eap-tls.conf,ext-auth.conf,farp.conf,fips-prf.conf,forecast.conf,gmp.conf,ha.conf,hmac.conf,kernel-netlink.conf,md5.conf,mgf1.conf,nonce.conf,newhope.conf,ntru.conf,openssl.conf,pem.conf,pgp.conf,pkcs1.conf,pkcs12.conf,pkcs7.conf,pkcs8.conf,pubkey.conf,random.conf,rc2.conf,resolve.conf,revocation.conf,sha1.conf,sha2.conf,sha3.conf,socket-default.conf,sql.conf,sqlite.conf,sshkey.conf,stroke.conf,updown.conf,vici.conf,x509.conf,xauth-eap.conf,xauth-generic.conf,xcbc.conf,unity.conf,curve25519.conf,bypass-lan.conf})
source=("https://download.strongswan.org/strongswan-${pkgver}.tar.bz2"{,.sig}
  'configure_ac.patch')
validpgpkeys=("948F158A4E76A27BF3D07532DF42C170B34DBA77")
sha512sums=('f8a731329e9c0e4693fe7cf7195f687e6e48c1254cc93804385b23f6e23e27fb4a235e12d8f3e77960793b951a3a7213395c4179e8d2f3891221f13b0e032e38'
            'SKIP'
            '645f6e3c9df8634ac06cbafc314ad46ede45b5412140c20236d25187a7405a5a941f74c52ca3ee3cc3a8e97d7af88b22209cae854d6e99f0ad9c489db78026c4')

prepare() {
  cd ${pkgname}-${pkgver}
  patch -Np1 -i ../configure_ac.patch
  autoreconf -fiv
}

build() {
  cd ${pkgname}-${pkgver}
  ./configure --prefix=/usr \
    --sbindir=/usr/bin \
    --sysconfdir=/etc \
    --libexecdir=/usr/lib \
    --with-ipsecdir=/usr/lib/strongswan \
    --with-nm-ca-dir=/etc/ssl/certs \
    --enable-integrity-test \
    --enable-sqlite \
    --enable-pkcs11 \
    --enable-openssl \
    --enable-curl \
    --enable-sql \
    --enable-attr-sql \
    --enable-farp \
    --enable-dhcp \
    --enable-eap-sim \
    --enable-eap-sim-file \
    --enable-eap-simaka-pseudonym \
    --enable-eap-simaka-reauth \
    --enable-eap-identity \
    --enable-eap-md5 \
    --enable-eap-gtc \
    --enable-eap-aka \
    --enable-eap-aka-3gpp2 \
    --enable-eap-mschapv2 \
    --enable-eap-radius \
    --enable-xauth-eap \
    --enable-ha \
    --enable-vici \
    --enable-swanctl \
    --enable-systemd \
    --enable-ext-auth \
    --enable-mysql \
    --enable-ldap \
    --enable-cmd \
    --enable-forecast \
    --enable-connmark \
    --enable-aesni \
    --enable-eap-ttls \
    --enable-radattr \
    --enable-xauth-pam \
    --enable-xauth-noauth \
    --enable-eap-dynamic \
    --enable-eap-peap \
    --enable-eap-tls \
    --enable-chapoly \
    --enable-unity \
    --with-capabilities=libcap \
    --enable-newhope \
    --enable-ntru \
    --enable-mgf1 \
    --enable-sha3 \
    --enable-bliss \
    --enable-dnscert \
    --enable-nm \
    --enable-agent \
    --enable-bypass-lan \
    --enable-ruby-gems \
    --enable-python-eggs
  make
}

package() {
  cd ${pkgname}-${pkgver}
  make DESTDIR="${pkgdir}" install
}
